Eucalyptus Cloud Computing Platform Administrator s Guide. Enterprise Edition 2.0

(1)

Eucalyptus®

Cloud Computing Platform

Administrator’s Guide

Enterprise Edition 2.0

(2)

Eucalyptus Cloud Computing Platform Administrator’s Guide

Eucalyptus is a registered trademark of Eucalyptus Systems, Inc. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries. Windows is a registered trademark of the Microsoft Corporation in the United States and other countries; VMware is a registered trademark of VMware, Inc. All other trademarks are the property of their respective owners.

(3)

8.2.1 SYSTEM Mode ... 68 Requirements ... 68 Limitations ... 69 Configuration ... 69 Configuration Example ... 69 8.2.2 STATIC Mode ... 70 Requirements ... 70 Limitations ... 70 Configuration ... 70 Configuration Example: ... 71 8.2.3 MANAGED Mode ... 72 Requirements ... 72 Limitations ... 72 Testing VLAN-clean ... 72 Configuration ... 73 Configuration Example ... 75 8.2.4 MANAGED-NOVLAN Mode ... 75 Requirements ... 76 Limitations ... 76 Configuration ... 76 Configuration Example ... 76 8.3 Multi-cluster Networking ... 77

8.4 Network Configuration for Components on Separate Machines ... 78

Section 9: Troubleshooting Eucalyptus EE ... 79

9.1 How to Troubleshoot Eucalyptus EE ... 79

9.2 Common Eucalyptus Problems and Solutions... 80

9.3 Troubleshooting VMware ... 85

Appendix A: Creating a Windows Image for Eucalyptus ... 86

Appendix B: Installing and Configuring Hypervisors (Xen/KVM) ... 93

B.1 Installing Xen on CentOS 5.5 ... 93

B.1.1 Configuring Xen ... 93

B.1.2 Running a Test VM with Xen Tools ... 94

B.2 Installing KVM on CentOS 5.5 ... 95

B.2.1 Running a Test VM on KVM ... 95

B.3 Configuring libvirt ... 95

B.3.1 Testing libvirt Configuration with virsh ... 95

Appendix C: Eucalyptus Admin-tools ... 97

C.1 User Management ... 97

C.2 Group Management ... 97

C.3 Permissions ... 97

C.4 Example Usage of User/Group Tools ... 98

C.5 Other ... 99

Appendix D: Overview of Cloud Computing ... 100

D.1 What is Cloud Computing? ... 100

(6)

D.3 Cloud Types (public, private, and hybrid) ... 102

D.4 Cloud Service Styles (SaaS, PaaS, IaaS) ... 104

D.5 Private Clouds: The Benefits of Automated Self-service ... 105

D.6 The Role of Open Source ... 105

D.7 Benefits of the Eucalyptus Cloud ... 107

(7)

Introduction

Eucalyptus Enterprise Edition (EE) 2.0 is a Linux-based software architecture that implements scalable, efficiency-enhancing private and hybrid clouds within an enterprise’s existing IT infrastructure. Eucalyptus provides Infrastructure as a Service (IaaS). This means that users can provision their own collections of resources (hardware, storage, and network) via Eucalyptus’ self-service interface on an as-needed basis. A Eucalyptus cloud is deployed across an enterprise’s “on-premise” data center and is accessed by users over enterprise intranet. Thus sensitive data remains secure from external intrusion behind the enterprise firewall.

Eucalyptus was designed from the ground up to be easy to install and as non-intrusive as possible. The software framework is highly modular, with industry-standard, language-agnostic communication. Eucalyptus is also unique by

providing a virtual network overlay that both isolates network traffic of different users and allows two or more clusters to appear to belong to the same Local Area Network (LAN). Eucalyptus also interoperates seamlessly with Amazon’s EC2 and S3 public cloud services and thus offers the enterprise a hybrid cloud capability. Initially developed to support the high performance computing (HPC) research of Professor Rich Wolski’s research group at the University of California, Santa Barbara, Eucalyptus is engineered based upon design principles that ensure

compatibility with existing Linux-based data center installations. Eucalyptus can be deployed without modification on all major Linux OS distributions, including

Ubuntu, CentOS, openSUSE, and Debian. Ubuntu distributions now include the Eucalyptus software core as the key component of the Ubuntu Enterprise Cloud.

Who Should Read this Guide?

This guide is written for system, network, and cloud administrators tasked with deploying, managing, and maintaining the Eucalyptus EE 2.0 cloud platform.

What’s in this Guide?

This guide contains comprehensive instructions and reference materials to assist you in setting up, installing, configuring, managing and maintaining the Eucalyptus EE 2.0 cloud platform. The following is an overview of its contents:

(8)

Part I provides an introduction to the components of a Eucalyptus cloud, including Cloud Controller (CLC), Walrus (W), Cluster Controller (CC), Storage Controller (SC), Node Controller (NC) and VMware Broker (Broker). We also introduce you to the new features available in Eucalyptus EE 2.0, including Windows VM support, VMware support, SAN support, and User and Groups management and Accounting reports.

Part II: Deploying Your Eucalyptus Cloud

Part II shows you how to deploy the Eucalyptus cloud in three phases: (1) Setting up your environment (installation prerequisites); (2) Installing Eucalyptus dependency and component software; and (3) Registering and configuring your Eucalyptus cloud. Setup requirements are provided for each of the new Eucalyptus EE 2.0 optional features (Windows VM, VMware, and SAN support); and detailed instructions are provided for installing Eucalyptus EE 2.0 on CentOS 5.5 and openSUSE 11.2.

Part III: Managing Your Eucalyptus Cloud

Part III introduces you to the management features available in Eucalyptus EE 2.0. We begin with a tour of the Eucalyptus Web UI and proceed with a discussion of the new Users and Groups management interface —an easy graphical way for

administrators to create groups, add users, and associate clusters with groups. Lastly, we present the new Accounting Reports interface that lets administrators view information on cloud activities and resource usage, which can be used as a basis for cloud auditing and resource management.

Part IV: Advanced Networking and Troubleshooting

Part IV discusses the four Eucalyptus networking modes: SYSTEM, STATIC,

MANAGED, and MANAGED NOVLAN. We begin with an overview of each mode and show you how to configure each mode depending on the networking and security needs of your organization. Finally, we provide a troubleshooting section that includes recommended fixes to common configuration issues.

Appendices

Appendix A: Creating Windows images for use in Eucalyptus shows you how to create a Windows VM image (from scratch) from which you can run instances in Eucalyptus EE with Windows VM support.

Appendix B: Installing and Configuring Hypervisors provides detailed instructions on installing and configuring Xen and KVM hypervisors on your system for use with Eucalyptus; and it shows you how to test and confirm that Eucalyptus is

(9)

Appendix C: Admin tools presents in tabular form several Eucalyptus commands, including command-line alternates for several Users and Groups management functions.

Appendix D: An Overview of Cloud Computing presents a broad overview of the general cloud computing landscape and is useful for those who wish to gain a better understanding of how cloud computing can benefit the IT organization. For Euca2ools (Eucalyptus client tools) instructions, see the Eucalyptus EE User Guide.

What’s New in Eucalyptus EE 2.0?

Eucalyptus EE 2.0 adds these new extended features to the Eucalyptus core: • Windows VM support

• VMware Support • SAN support

• Users and Groups management • Accounting Reports

For a comprehensive introduction to these features, see Section 2.2: New Features in Eucalyptus EE 2.0.

Conventions Used in this Guide

Instructional examples in this guide generally refer to a single cluster Eucalyptus cloud deployment, where all Eucalyptus components (except Node Controller) are installed on a single machine, generally referred to in the text as the front-end machine or, simply, the front end. The Node Controller is installed on one or more node machines referred to as either node machine(s) or node(s). Note that in more advanced configurations, components may be installed on separate machines. In this case “front end” refers only to the machine hosting the Cloud Controller, while we may introduce additional machines that host Walrus, Storage Controller, and Cluster Controller. Command line examples in this guide generally use the following format to designate the user and the specific machine on which the administrator performs a given function:

(10)

HOST MACHINE USER

Front-end (Cloud Controller) [root@clc]#

Walrus [root@walrus]#

Cluster Controller [root@cc]#

Storage Controller [root@sc]#

Node Controller [root@node1]#

Client [admin@client1]$

For example, in the above definitions, we see the user root on the machine called clc. Typically, in our examples we assume a single cluster deployment, with the Cloud Controller, Walrus, Storage Controller, and Cluster Controller on the front-end machine.

Left/right arrows < > are used to indicate variables. For example, within a code sample, a specific IP Address might be represented as <IPAddress> (where the actual input might be 192.168.7.82). Similarly, a command argument requiring the name of a node or cluster may appear as <nodeName> or <clusterName>.

Arguments accepting more than one variable inputs use the variable “N” to indicate multiple possible variable inputs. For example a command argument that accepts multiple node names may appear as <nodeName1 … nodeNameN>.

Fonts: General instructional text is presented in Cambria 12 pt font. Command line input/output, as well as directory locations are printed in Courier 10 pt. font. For example: /etc/eucalyptus.

Bolded text is used within text discussions and command line samples to draw attention to the specific command or portion of command line input/output under discussion.

Italics are used throughout the text to indicate names (for example a host machine called clc) and to emphasize important Eucalyptus and cloud computing terms and phrases.

Contacting Eucalyptus

Please send any questions, corrections, comments, or suggestions for this Administrator’s guide to [email protected].

(11)

Part I – Welcome to Eucalyptus EE 2.0

Welcome to Eucalyptus! Part I introduces the Eucalyptus EE 2.0 private cloud platform. First, we provide an overview of the Eucalyptus Components—the basic software modules that comprise a Eucalyptus cloud. We show you what these components are, what they do, and how they interact to form an efficiency-enhancing Eucalyptus cloud. Then we introduce the version 2.0 features that are new to Eucalyptus EE, including support for Windows VMs, VMware infrastructure, and enterprise-grade SAN devices.

Who should read Part I?

The material in Part I is directed towards system administrators and other IT professionals who wish to gain an understanding of Eucalyptus software components (and the extended features of Eucalyptus EE 2.0) as a basis for administering the Eucalyptus cloud in an enterprise data center environment.

Part I discusses these topics:

• Eucalyptus components.

(12)

Section 1: Introducing Eucalyptus Components

The Eucalyptus cloud system has five high-level components—Cloud Controller (CLC), Walrus, Cluster Controller (CC), Storage Controller (SC) and Node Controller (NC), which are depicted in Figure 1.1. Each high-level system component has its own Web interface and is implemented as a stand-alone Web service. This has two major advantages: First, each Web service exposes a well defined

language-agnostic API in the form of a WSDL document containing both the operations that the service can perform and the input/output data structures. Second, Eucalyptus leverages existing Web-service features such as security policies (WSS) for secure communication between components and relies on industry-standard web-services software packages.

Figure 1.1 Eucalyptus Cloud components: Cloud Controller (CLC), Walrus, Cluster Controller (CC), Storage Controller (SC), and Node Controller (NC). Diagram shows interconnectivity of components in a two-cluster Eucalyptus cloud system. Eucalyptus EE with VMware support includes an additional component: VMware Broker. A detailed description of each Eucalyptus Component follows.

(13)

1.1 Cloud Controller (CLC)

The Cloud Controller (CLC) is the entry-point into the cloud for administrators, developers, project managers, and end-users. The CLC is responsible for querying the node managers for information about resources, making high-level scheduling decisions, and implementing them by making requests to the Cluster Controllers (CC). The CLC, as shown in Figure 1, is also the interface to the management platform. In essence, the CLC is responsible for exposing and managing the

underlying virtualized resources (servers, network, and storage) via a well-defined industry standard API (Amazon EC2) and via a Web-based user interface.

1.2 Walrus

Walrus allows users to store persistent data, organized as buckets and objects. It allows one to create, delete, list buckets, put, get, delete objects, and set access control policies. Walrus is interface compatible with Amazon’s S3, providing a mechanism for storing and accessing virtual machine images and user data.

1.3 Cluster Controller (CC)

The Cluster Controller (CC) generally executes on a cluster front-end machine, or any machine that has network connectivity to both the machines running the Node Controller (NC) and to the machine running the CLC. CCs gather information about a set of virtual machines (VM) and schedules VM execution on specific nodes. The CC also manages the virtual instance network and participates in the enforcement of SLAs as directed by the CLC. All nodes associated with a single CC must be in the same broadcast domain (Ethernet).

1.4 Storage Controller (SC)

The Storage Controller (SC) provides functionality similar to the Amazon Elastic Block Storage (EBS) and is capable of interfacing with various storage systems (NFS, iSCSI, etc.). Elastic block storage is a block device that can be attached to an instance file system. An EBS cannot be shared across instances but does allow a snapshot to be created and stored in a central storage system such as Walrus, the Eucalyptus storage service. Eucalyptus EE with SAN support lets you use your enterprise-grade SAN devices to host EBS storage within a Eucalyptus cloud.

(14)

1.5 Node Controller (NC)

The Node Controller (NC) is executed on every machine that is designated for hosting VM instances. The NC controls VM activities, including the execution, inspection, and termination of VM instances. It also fetches and cleans up local copies of instance images (the kernel, the root file system, and the ramdisk image), and it queries and controls the system software (host OS and the hypervisor) in response to queries and control requests from the CC. The NC is also responsible for the management of the virtual network endpoint.

1.6 VMware Broker

VMware Broker (Broker) is an additional Eucalyptus component activated only in versions of Eucalyptus EE with VMware support. (Note that the Broker is not depicted in Figure 1.1). VMware Broker enables Eucalyptus to deploy VMs on VMware infrastructure elements and mediates all interactions between the Cluster Controller (CC) and VMware hypervisors (ESX/ESXi) either directly or through VMware vCenter. For additional information on VMware Broker, see Section 2.2: Introducing VMware support.

(15)

Section 2: New Features in Eucalyptus EE 2.0

Eucalyptus EE 2.0 extends the capabilities of the Eucalyptus cloud platform with support for Windows VMs, support for VMware infrastructure elements (e.g., ESX/ESXi, and vCenter), and support for enterprise-grade SAN devices. In addition, Eucalyptus 2.0 EE introduces an enhanced Web UI that includes new Users and Groups management and Accounting Reports interfaces The following section takes a closer look at some of these new features in Eucalyptus EE.

2.1 Introducing Windows VM Support

Eucalyptus EE with Windows VM support lets you run and manage Windows-based virtual machines inside a Eucalyptus cloud computing system.

What features does Windows VM support provide? Eucalyptus EE with Windows VM support lets you:

• Run Windows-based virtual machines (VMs). Eucalyptus currently supports Windows 2003 Server, Windows 2008 Server, and Windows 7.

• Manage and control Windows VMs using Euca2ools.

• Create new Windows VM instances from running Window VMs using EC2 compatible bundle-instance, describe-bundle-task, and

cancel-bundle-task commands.

• Access Windows VM instances inside Eucalyptus using AWS “get-password” protocol via standard RDP client tools.

• Deploy Windows VM instances on multiple hypervisors, including Xen, KVM, and VMware (ESX/ESXi).

• Create new Windows VMs from base Windows OS installation files (.iso images or CD/DVD).

2.2 Introducing VMware Support

Eucalyptus EE with VMware support enables Eucalyptus to deploy and manage virtual machines on VMware hypervisors (ESX/ESXi, either directly or through VMware vCenter), while offering an EC2/S3-compatible interface to end users. Eucalyptus EE with VMware support includes an additional component —VMware Broker. VMware Broker arbitrates all interaction between Eucalyptus and VMware

(16)

infrastructure components (i.e., ESX/ESXi, and vCenter). The following diagram (Figure 2.2) depicts the architecture of a Eucalyptus cloud with VMware Broker (and VMware infrastructure components) deployed alongside a typical open-source (KVM or XEN hypervisor-based) deployment.

Figure 2.2 High-level architecture of Eucalyptus EE with VMware support. The VMware Broker handles all interaction between the Eucalyptus cloud and VMware infrastructure components and can run concurrently with a standard open-source (KVM or Xen hypervisor-based) cluster.

What features does VMware support provide? Eucalyptus EE with VMware support provides: • _{Support for VMware vCenter 4.0, ESX/ESXi 4.0}

• _{Compatibility with VMware vSphere Client, which can be used alongside} Eucalyptus

• _{Ability to incorporate both VMware (ESX/ ESXi) and open-source (XEN and} KVM) hypervisors into a single cloud infrastructure.

• _{Extend cloud-based features (e.g., elastic IPs, security groups, S3, etc.) to a} VMware infrastructure via the Eucalyptus software.

2.3 Introducing SAN Support

Eucalyptus EE with SAN support lets you integrate enterprise-grade SAN (Storage Area Network) hardware devices into a Eucalyptus cloud. SAN support extends the functionality of the Eucalyptus Storage Controller (SC) to provide a

(17)

high-performance data conduit between VMs running in Eucalyptus and attached SAN devices. Thus, Eucalyptus EE with SAN support provides a production-level EBS (block storage) solution for your Eucalyptus cloud.

Figure 2.2 High-level architecture of Eucalyptus EE with SAN Support. Extended functionality of the Eucalyptus Storage Controller (SC) allows for integration of enterprise-grade SAN devices into a Eucalyptus cloud. VMs running in Eucalyptus link directly to attached SANs, thus avoiding I/O communication bottlenecks of the physical host. What features does SAN support provide?

Eucalyptus EE with SAN support lets you:

• Integrate Eucalyptus block storage functionality (dynamic block volumes, snapshots, creating volumes from snapshots, etc.) with existing SAN devices. • Link VMs in the Eucalyptus cloud directly to SAN devices, thereby removing I/O

communication bottlenecks of the physical hardware host.

• Incorporate enterprise-level SAN features (high-speed, large-capacity,

reliability) to deliver a production-ready EBS (block storage) solution for the enterprise.

• Attach SAN devices to Eucalyptus deployments on XEN, KVM, and VMware (ESX/ESXi 4.0) hypervisors.

2.4 Introducing Users and Groups Management Interface

Eucalyptus EE adds a new Users and Groups Web interface that provides

administrators with a convenient graphical tool for managing users and groups interacting with the Eucalyptus cloud. The interface lets administrators create

(18)

groups based on business entities (e.g., engineering, accounting, publishing), add users to these groups, and apportion cloud resources by assigning permissions to availability zones (clusters) on a per group basis.

What features does the Users and Groups management interface provide? • Add, modify, and delete users

• Create groups based on one or more availability zones. • Assign and remove users to and from groups

2.5 Introducing Accounting Reports

Eucalyptus 2.0 EE introduces a new Accounting Reports interface, which provides administrators with tools for viewing statistics of Eucalyptus cloud activities and resource usage. These include system events (i.e., functions performed in the cloud), user and group resource usage, and Eucalyptus component deployment. Administrators can use this information as a basis for auditing and resource allocation.

What features does Accounting Reports provide? • System Events logs

• User and Group event logs • Component log

• Resource Usage (IP Addresses, Instances, Block Storage) • Customizable reports on per time basis (i.e., date range)

(19)

Part II – Deploying Your Eucalyptus EE Cloud

Part II shows you how to deploy your Eucalyptus EE cloud. First, we provide the prerequisite steps you must perform to setup your environment for a Eucalyptus installation. Next, you’ll learn how to install Eucalyptus from binary packages (on CentOS 5.5, openSUSE 11.2, and Ubuntu Server 10.04 as examples), and how to license and start your cloud. Then we show you how to register and perform an initial Eucalyptus configuration. Finally, we give you the necessary steps for configuring Eucalyptus EE with Windows VM support, VMware support, and SAN support.

Deployment Overview:

Step1: Setup the environment (installation prerequisites). Step 2: Install Eucalyptus.

Step 3: Configure the cloud.

Who should read Part II?

The material in Part II is designed to help system administrators and other IT professionals install and configure a Eucalyptus cloud in a professional data center environment.

Part II discusses these topics:

• Baseline prerequisites

• Additional prerequisites for Windows VM, VMware, and SAN support • Downloading packages

• Installing Eucalyptus EE dependencies, components, and license • Starting Eucalyptus

• Registering Eucalyptus • Adding and removing nodes

• Configuring Eucalyptus EE for Windows VM support, VMware support, and SAN support

(20)

Section 3: Installing Eucalyptus EE 2.0

A Eucalyptus cloud installation consists of five basic components, plus an additional component with installations of Eucalyptus EE with VMware support. The Cloud

Controller (CLC) and Walrus are top-level components, with one of each in a cloud

installation. The Cloud Controller offers EC2-compatible SOAP and "Query" interfaces, as well as a Web interface to the outside world. In addition to handling incoming requests, the Cloud Controller performs high-level resource scheduling and system accounting. Walrus implements bucket-based storage, which is available outside and inside a cloud through S3-compatible SOAP and REST interfaces.

Top-level components (CLC and Walrus) can aggregate resources from multiple clusters (i.e., collections of nodes sharing a LAN segment, possibly residing behind a firewall). Each cluster has a Cluster Controller (CC) for cluster-level scheduling and network control and a Storage Controller (SC) for EBS-style block-based storage. The two cluster-level components would typically be deployed on the head-node of a cluster. Finally, every node with a hypervisor has a Node Controller (NC) for controlling the hypervisor. Communication among these components takes place over SOAP with WS-security.

Eucalyptus EE with VMware support includes an additional component—VMware

Broker—that enables Eucalyptus to deploy VMs on VMware hypervisors

(ESX/ESXi) directly or through VMware vCenter.

About These Instructions

Instructions in this guide generally refer to a single cluster installation, in which all components except NC are co-located on one machine, which we refer to as the front end. All other machines, running only NCs, we refer to as nodes. In more advanced configurations, such as those with multiple CCs or with Walrus deployed separately, the front-end will refer only to the machine running the CLC.

3.1 Setting up the Eucalyptus EE Environment (Prerequisites)

This section shows you how to set up your computing environment for a Eucalyptus EE installation on Centos 5.5. Baseline prerequisites apply to all Eucalyptus EE systems. Additional prerequisites are provided as applicable for optional Eucalyptus EE features, including Windows support, VMware support, and SAN support.

(21)

3.1.1 Baseline Prerequisites for Eucalyptus EE

For a standard installation of CentOS 5.5, the following steps will satisfy all prerequisites;

1. The front end, node(s), and client machine system clocks are synchronized (e.g., using NTP):

2. Each node has a fully installed and configured Xen hypervisor that allows controlling the hypervisor via HTTP from localhost. You will also need a kernel with Xen support enabled. For more information, see Appendix B: Installing and Configuring Hypervisors.

3. Firewall rules must permit the Eucalyptus components to communicate with one another, and clients to communicate with Eucalyptus. On the front end, ports 8443, 8773, and 8774 must be open; on the node, port 8775 must be open. If you are planning on using Elastic IPs and/or Security Groups, you may want to consider disabling the firewall and using Eucalyptus facilities for

enabling custom firewall rules on both the front end and nodes. For example, on CentOS 5.5:

From a text console:

• run system-config-securitylevel-tui • select Security Level: Disabled • select OK

From an X terminal:

• run system-config-securitylevel • select 'Disabled' for 'Firewall' • select the 'SELinux' tab

• select either 'Permissive' or 'Disabled' for SELinux Setting

4. (Optional) The Eucalyptus CLC uses the systems existing SMTP services to deliver account information and system-level alerts. If you want these messages to be delivered as part of the Enterprise's Email infrastructure, you must

configure SMTP services (e.g., postfix, sendmail, dovecot, etc.). Please contact your local Email Administrator for the proper configuration of the SMTP service that complies with local policies.

[root@clc]# yum install -y ntp [root@clc]# ntpdate pool.ntp.org

(22)

3.1.2 Additional Prerequisites for Windows VM Support

Eucalyptus EE with Windows VM support has these additional prerequisites: 1. A licensed installation copy (.iso image or CD/DVD disk) of a compatible

Windows OS. Eucalyptus EE currently supports Windows virtual machines created from Windows Server 2003, Windows Server 2008, and Windows 7. For additional Windows-related licensing information, see the following links:

Windows Volume Activation Overview Guide

http://technet.microsoft.com/en-us/library/dd979803.aspx

Windows Volume Activation Planning Guide

Windows Volume Activation Deployment Guide

2. A VNC client such as RealVNC or Virtual Manager/Virtual Viewer (Centos/Xen) must be available for initial installation. (Subsequent Eucalyptus-hosted

Windows instances will use RDP, but the initial installation requires VNC.) For information on preparing a Windows virtual machine image from your base Windows OS, see Appendix A.

3.1.3 Additional Prerequisites for VMware Support

Eucalyptus EE with VMware support has the following additional prerequisites: 1. Installed and configured VMware infrastructure software (ESX 4.0 and/or ESXi

4.0 hypervisors with or without vCenter Server 4.0)

2. The front-end machine must be able to reach the VMware hosts on ports 443, 902, and 903.

3. The VMware ‘Administrator’ account credentials must be provided to Eucalyptus when configuring VMware support (see section ‘Configuring

VMware Support’ below), or an equivalent account with sufficient permissions must be created on VMware vCenter or ESX hosts:

(23)

The most straightforward way to configure vSphere for Eucalyptus—and the least likely to incur permissions-related complications—is to give Eucalyptus unrestricted (administrator-level) access to your vSphere endpoint(s). This can be accomplished either by using an existing administrative account and

password or by creating a new account for Eucalyptus and associating it with vSphere’s standard ‘Administrator’ role at the top level of the vSphere hierarchy as seen in vSphere client.

Figure 3.1 The vSphere client Assign Permissions window. Here you can associate user ‘eucalyptus’ with ‘Administrator’ role at the top of the vSphere hierarchy.

Option B: ‘Least privilege’ access to vSphere infrastructure:

To give the minimum required amount of control to Eucalyptus over your vSphere infrastructure, you will need to create one new user and two new roles. The new user, named, e.g., ‘eucalyptus’, and its password will be used when configuring Eucalyptus for VMware support (as described in Section 4.4

Configuring VMware Support). The new roles should be defined and associated with vSphere objects as follows:

(1) Top-level role, named, e.g., ‘Eucalyptus vSphere’, must be associated with the ‘eucalyptus’ user at the top level of the vSphere hierarchy only

(“Propagate to Child Objects” does not need to be checked). This role should have only one privilege:

Global Licenses

(24)

(2) Resource-level role, named, e.g., ‘Eucalyptus’, can be associated with the ‘eucalyptus’ user at the level(s) encapsulating the resources that you wish Eucalyptus to use. For example, you can create a new virtual datacenter for Eucalyptus to use, add to it the relevant hosts or clusters, and assign the ‘eucalyptus’ user ‘Eucalyptus’ role for the new datacenter (making sure to check “Propagate to Child Objects”). The ‘Eucalyptus’ role should have the following privileges:

4. Each node requires at least one datastore (either local or one shared by multiple nodes). If more than one datastore is available to a node, Eucalyptus will choose the datastore arbitrarily. Hence you may need to specify a datastore in

Eucalyptus’s configuration file for VMware (vmware_conf.xml).

To check datastores available on a host, perform the following steps with vSphere client pointed either at vCenter or at a particular ESX/ESXi node: 1. Select a host in left-hand-side panel.

2. Select the "Configuration" tab.

3. Select "Storage" in the secondary left-hand-side panel. 4. Select "View: Datastores" at the top of the panel.

Similarly, each node must have a network reachable by the node running Eucalyptus. If more than one network is available, you may need to specify a network in vmware_conf.xml. For information on vmware_conf.xml (including proper XML syntax), see Section 4.4.1: Testing VMware Broker Configuration.

Datastore

Allocate Space Browse datastore Low level file operations Folder

Create folder Host

Configuration

Network configuration

Storage partition configuration Network

Assign network Resource

Assign virtual machine to resource pool Virtual machine

(25)

To check the network settings and create a network (if necessary) perform the following steps with vSphere client pointed either at vCenter or at a particular ESX/ESXi node:

1. Select a host in left-hand-side panel. 2. Select the "Configuration" tab.

3. Select "Networking" in the secondary left-hand-side panel. 4. If there is no "VM Network" in the list, add it as follows:

a. Click "Add Networking..." in the upper-right corner. b. Select "Virtual Machine" and click "Next."

c. Select a switch (e.g., "Use vSwitch0") and click "Next."

d. Enter "VM Network” for Network Label, leave VLAN ID blank, and click "Next."

e. Check the summary and click "Finish".

5. To enable EBS support in Eucalyptus on VMware, each of the ESX/ESXi nodes in your infrastructure must be configured to support iSCSI. Given a node that is licensed for iSCSI support, this amounts to enabling and configuring the gateway for the VMkernel network. To accomplish that, perform the following steps with vSphere client pointed either at vCenter or at a particular ESX/ESXi node:

1. Select a host in left-hand-side panel. 2. Select the "Configuration" tab.

3. Select "Networking" in the secondary left-hand-side panel. 4. If there is no “VMkernel” network listed, add it as follows:

a. Click "Add Networking..." in the upper-right corner. b. Select "VMkernel" and click "Next."

c. Select a switch (e.g., "Use vSwitch0") and click "Next." d. Select the label, VLAN ID (if any) and click "Next."

e. Select dynamic or static network configuration and click "Next", f. Click "Finish".

5. Select "DNS and Routing" in the secondary left-hand-side panel. 6. If “VMkernel” does not have a gateway, add it as follows:

(26)

b. Select the "Routing" tab, enter gateway's IP, and click “OK”.

For additional information on configuring vSphere, see the VMware website at http://www.vmware.com/support/pubs/vs_pubs.html.

6. Ensure that VMware Tools are installed in the images that you will instantiate through Eucalyptus. This allows Eucalyptus to discover an instance’s IP address in SYSTEM networking mode. This is also required for using the

euca-bundle-instance command when running Windows VMs in Eucalyptus. For information on euca-bundle-instance, see the Eucalyptus EE User Guide. For information on installing VMware Tools, consult VMware documentation at www.vmware.com.

3.1.4 Additional Prerequisites for SAN Support

Eucalyptus EE with SAN support has these additional prerequisites:

• Configured SAN device(s). Eucalyptus currently supports these SAN devices: • Dell EqualLogic (PS4000 series, PS6000 series). For more information on

Dell EqualLogic SANs, see www.dell.com.

• NetApp (FAS2000 series, FAS6000 series) supported. For more information on NetApp SANs, see www.netapp.com.

For the latest information on Eucalyptus supported SAN devices, see the Eucalyptus website at www.eucalyptus.com.

(27)

3.2 Eucalyptus EE Installation Steps

This section outlines the steps required for installing Eucalyptus EE from binary packages:

Step 1: Download installation packages. Step 2: Install OS dependencies.

Step 3: Install Eucalyptus dependencies

Step 4: Install Eucalyptus EE components: CLC, Walrus, CC, SC, NC, and optionally VMware broker (for VMware support)

Step 5: Install Eucalyptus EE license. Step 6: Start Eucalyptus EE.

(Note that before you can run VMs in the Eucalyptus cloud, you must first register the Eucalyptus components (to connect them), as shown in Section 4: Configuring Eucalyptus.)

The following sections 3.3 and 3.4 provide detailed instructions for installing Eucalyptus EE on CentOS 5.5 and openSUSE 11.2, respectively.

3.3 Installing Eucalyptus EE 2.0 on CentOS 5.5

This section shows you how to install Eucalyptus EE from binary packages on CentOS 5.5. In what follows, make sure the value of $VERSION is set to the version of Eucalyptus you wish to install. For example, we can set the value 2.0.1 using bash:

3.3.1 Download Installation Packages

Eucalyptus provides installation packages bundled into two tarballs: one containing third-party dependencies that Eucalyptus relies on (e.g., Rampart, Axis2C, Java libraries, etc.), the other containing Eucalyptus components (CLC, Walrus, SC, CC, NC, and VMware Broker).

First, download the appropriate tarballs for your system architecture (32-bit or 64-bit) from the location provided to you by Eucalyptus.

(28)

Eucalyptus dependency packages:

32-bit machines: eucalyptus-deps-centos-i386-${VERSION}eee.tar.gz 64-bit machines: eucalyptus-deps-centos-x86_64-${VERSION}eee.tar.gz

Eucalyptus component packages:

32-bit machines: eucalyptus-centos-i386-${VERSION}eee.tar.gz 64-bit machines: eucalyptus-centos-x86_64-${VERSION}eee.tar.gz Next, untar the bundles in a temporary location as shown:

3.3.2 Installing OS Dependencies

Before installing Eucalyptus, you must first prepare your system by installing CentOS 5.5 operating system dependencies, as shown:

3.3.3 Installing Eucalyptus Dependencies

Install JDK

First, install the Sun JDK on the front-end machine (CLC, Walrus, SC and VMware Broker rely on this dependency) as shown:

Go to http://java.sun.com/javase/downloads/index.jsp and select Java Platform JDK. In the drop-down menu under "Platform:" select either Linux (for i386) or Linux x64 (for x86_64). Once you have download the jdk*.bin file, install the package as follows:

[root@clc]#yum install -y java-1.6.0-openjdk-devel ant \ ant-nodeps libvirt-devel curl-devel httpd httpd-devel \ apr-devel openssl-devel dhcp libxml2 libxml2-devel \

gnutls gnutls-devel xen-devel libgcrypt-devel zlib-devel \ mysql openldap-clients perl-Convert-ASN1 chkfontpath \ scsi-target-utils fuse-libs libgcc.i386 bridge-utils [root@clc]#tar zxvf eucalyptus-deps-centos-*.tar.gz

[root@clc]#tar zxvf eucalyptus-centos-*.tar.gz

[root@clc]#chmod 0700 jdk*.bin [root@clc]#./jdk*.bin

(29)

The ./jdk*.bin command will install all the files in a folder labeled jdk1.6.0_20 for example. Now create the directory/opt/packages/jdk, and move the contents of the folder jdk1.6.0_20 to /opt/packages/jdk, as shown:

For more information about installing Java Development Kit, please visit the following link: http://java.sun.com/javase/6/webnotes/install/index.html#linux. Install Standard Dependencies

Second, install the Eucalyptus-prepared dependency RPMs on all machines (i.e., install all RPMs on both front-end and node machines) (Note that you must remove any preexisting copies of these dependencies prior to installation. Multiple copies of a dependency will return an error message.)

Install VDDK

Third, install the VMware’s VIX DiskLib dynamic libraries (VDDK) on the front end. These libraries are contained within the vmware-vix-disklib-distrib folder within the eucalyptus dependences tarball.

Run the installer script, accepting the End User License Agreement and selecting the default install prefix [/opt/packages/vddk] as the root directory where all folders will be placed, as shown:

[root@clc]#cd eucalyptus-deps*

[root@clc]#yum install -y *.rpm --nogpgcheck [root@node1]#cd eucalyptus-deps*

[root@node1]#yum install -y *.rpm --nogpgcheck [root@clc]# mkdir -p /opt/packages/jdk

(30)

3.3.4 Installing Eucalyptus Component Packages

On the front end, install the Eucalyptus component RPMs (-cloud, -walrus, -sc,

-cc) (Note that if you are running a licensed version of Eucalyptus with VMware support, you will also install –broker) as shown. In the following examples, we use x86_64, which should be replaced with i386 on 32-bit architectures.

On the node machine(s), install the NC RPMs (-nc), as shown:

[root@clc]# rpm -Uvh eucalyptus-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-common-java-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-cloud-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-walrus-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-sc-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-cc-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-gl-${VERSION}eee-0.*.x86_64.rpm

# include the following RPM for Vmware support only eucalyptus-broker-${VERSION}eee-0.*.x86_64.rpm

[root@node1]# rpm -Uvh eucalyptus-$VERSION-0.*.x86_64.rpm \ eucalyptus-nc-${VERSION}eee-0.*.x86_64.rpm \

eucalyptus-gl-${VERSION}eee-0.*.x86_64.rpm

[root@clc]# cd eucalyptus-deps*/vmware-vix-disklib-distrib

[root@clc]# ./vmware-install.pl

Creating a new VMware VIX DiskLib API installer database using the tar4 format. Installing VMware VIX DiskLib API.

You must read and accept the VMware VIX DiskLib API End User License Agreement to continue. Press enter to display it.

Do you accept? (yes/no) yes

Thank you.

What prefix do you want to use to install VMware VIX DiskLib API? The prefix is the root directory where the other

folders such as man, bin, doc, lib, etc. will be placed. /opt/packages/vddk

The installation of VMware VIX DiskLib API 1.1.0 build-163495 for Linux completed successfully. You can decide to remove this software from your system at any time by invoking the following command:

"/usr/bin/vmware-uninstall-vix-disklib.pl". Enjoy,

(31)

3.3.5 Installing the Eucalyptus EE License

Along with the Eucalyptus EE software you have received a license file. Please install this file in the following directory:

/etc/eucalyptus/

3.3.6 Starting Eucalyptus

Startup your Eucalyptus services. On the front end, enter:

(Note that before starting the node controller, you must ensure that your hypervisor and libvirt are configured correctly to run Eucalyptus. For more information, see Appendix B: Installing and Configuring Hypervisors.)

On the node machine, start the node controller:

You have now installed Eucalyptus EE software on CentOS 5.5 and are ready to proceed with registering and configuring your Eucalyptus cloud. Note that before you can run VMs in Eucalyptus, you must first register the Eucalyptus components (to connect them), as described in Section 4: Configuring Eucalyptus.

3.4 Installing Eucalyptus EE 2.0 on openSUSE 11.2

To install Eucalyptus EE on openSUSE 11.2, follow the steps outlined in the above Section 3.2: Eucalyptus EE installation steps. Be sure to download and install the corresponding openSUSE 11.2 packages. In addition, make sure the value of $VERSION is set to the version of Eucalyptus you wish to install. For example, we can set the value 2.0.1 using bash:

[root@clc]# /etc/init.d/eucalyptus-cloud start [root@clc]# /etc/init.d/eucalyptus-cc start

[root@node1]# /etc/init.d/eucalyptus-nc start

(32)

3.4.1 Download Installation Packages

First, download the appropriate tarballs for your operating system at http://open.eucalyptus.com/downloads.

Eucalyptus dependency packages:

32-bit machines: eucalyptus-deps-opensuse-i586-${VERSION}eee.tar.gz 64-bit machines: eucalyptus-deps-opensuse-x86_64-${VERSION}eee.tar.gz

Eucalyptus component packages:

32-bit machines: eucalyptus-opensuse-i586-${VERSION}eee.tar.gz 64-bit machines: eucalyptus-opensuse-x86_64-${VERSION}eee.tar.gz Next, untar the bundles in a temporary location as shown:

3.4.2 Installing OS Dependencies

Install the following openSUSE 11.2 dependencies, as shown:

3.4.3 Install Eucalyptus Dependencies

Install JDK

First, install the Sun JDK on the front-end machine (CLC, Walrus, SC and VMware Broker rely on this dependency) as shown:

Go to http://java.sun.com/javase/downloads/index.jsp and select Java Platform JDK.

[root@clc]#tar zxvf eucalyptus-opensuse-*.tar.gz [root@clc]#tar zxvf eucalyptus-deps-opensuse-*.tar.gz

[root@clc]# zypper -n in curl bzr python-paramiko make \ gcc ant apache2 apache2-prefork apache2-devel \

java-1_6_0-openjdk java-1_6_0-openjdk-devel libvirt-devel \ libcurl-devel vlan dhcp-server bridge-utils ant-contrib \ ant-nodeps openssl mysql openldap2-client libvirt \

apache2 perl-Crypt-OpenSSL-Random \

(33)

In the drop-down menu under "Platform:" select either Linux (for i386) or Linux x64 (for x86_64). Once you have downloaded the jdk*.bin file, install the package:

The ./jdk*.bin command installs all the files in a folder labeled jdk1.6.0_20 for example. Now create the directory/opt/packages/jdk, and move the contents of the folder jdk1.6.0_20 to /opt/packages/jdk, as shown:

For more information about installing Java Development Kit, please visit the following link: http://java.sun.com/javase/6/webnotes/install/index.html#linux. Install Standard Dependencies

Second, install the Eucalyptus-prepared dependency RPMs on all machines (i.e., install all RPMs on both front-end and node machines) (Note that you must remove any preexisting copies of these dependencies prior to installation. Multiple copies of a dependency will return an error message.)

Install VDDK

Third, install the VMware’s VIX DiskLib (VDDK) on the front end. These libraries are contained within the vmware-vix-disklib-distrib folder within the eucalyptus dependences tarball.

Run the installer script, accepting the End User License Agreement and specifying /opt/packages/vddk/ instead of the default install prefix, as shown:

[root@clc]#cd eucalyptus-deps* [root@clc]#rpm -Uvh *.rpm

[root@node1]#cd eucalyptus-deps* [root@node1]#rpm -Uvh *.rpm

[root@clc]#chmod 0700 jdk*.bin [root@clc]#./jdk*.bin

[root@clc]# mkdir -p /opt/packages/jdk

(34)

3.4.4 Installing Eucalyptus Component Packages

On the front end, install the Eucalyptus component RPMs (-cloud, -walrus, -sc,

and -cc) (Note that if you are running a licensed version of Eucalyptus with VMware support, you will also install –broker) as shown. In the following examples, we use x86_64, which should be replaced with i386 on 32-bit architectures.

On the node machine(s), install the NC RPM (-nc) and common packages, as shown:

[root@clc]# rpm -Uvh eucalyptus-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-common-java-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-cloud-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-walrus-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-sc-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-cc-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-gl-${VERSION}eee-0.*.x86_64.rpm

# include the following RPM for Vmware support only eucalyptus-broker-${VERSION}eee-0.*.x86_64.rpm [root@clc]# cd eucalyptus-deps*/vmware-vix-disklib-distrib

[root@clc]# ./vmware-install.pl

Creating a new VMware VIX DiskLib API installer database using the tar4 format. Installing VMware VIX DiskLib API.

You must read and accept the VMware VIX DiskLib API End User License Agreement to continue. Press enter to display it.

Do you accept? (yes/no) yes

Thank you.

What prefix do you want to use to install VMware VIX DiskLib API? The prefix is the root directory where the other

folders such as man, bin, doc, lib, etc. will be placed. /opt/packages/vddk

The installation of VMware VIX DiskLib API 1.1.0 build-163495 for Linux completed successfully. You can decide to remove this software from your system at any time by invoking the following command:

"/usr/bin/vmware-uninstall-vix-disklib.pl". Enjoy,

(35)

3.4.5 Installing the Eucalyptus EE License

Along with the Eucalyptus EE software you have received a license file. Please install this file in the following directory: /etc/eucalyptus/

3.4.6 Starting Eucalyptus

Startup your Eucalyptus services. On the front end, enter:

(Note that before starting the node controller, you must ensure that your hypervisor and libvirt are configured correctly to run Eucalyptus. For more information, see Appendix B: Installing and Configuring Hypervisors.)

On the node controller, enter:

You have now installed the Eucalyptus software on openSUSE 11.2 and are ready to proceed with registering and configuring your Eucalyptus cloud. Note that before you can run VMs in Eucalyptus, you must first register the Eucalyptus components (to connect them), as described in Section 4: Configuring Eucalyptus.

[root@node1]# rpm -Uvh eucalyptus-${VERSION}eee-0.*.x86_64.rpm \ eucalyptus-nc-${VERSION}eee-0.*.x86_64.rpm \

eucalyptus-gl-${VERSION}eee-0.*.x86_64.rpm

[root@clc]# /etc/init.d/eucalyptus-cloud start [root@clc]# /etc/init.d/eucalyptus-cc start

(36)

3.5 Upgrading from Eucalyptus version 1.6.2 to Eucalyptus 2.0.* EE

Eucalyptus provides convenient RPM packages for upgrading from Eucalyptus version 1.6.2 to Eucalyptus 2.0 EE. Note that your original Eucalyptus 1.6.2

installation must have been performed using RPM packages. The upgrade RPMs are not compatible with previous versions of Eucalyptus installed from source.

Before you begin the upgrade process, stop all services on all components of Eucalyptus. Begin the stopping process on the nodes. Then stop the services on the front end, as shown:

Next, make sure you have downloaded and untarred the appropriate packages for CentOS 5.5 or openSUSE 11.2 as shown in sections 3.3.1 or 3.4.1, respectively; and make sure you have installed all necessary CentOS 5.5 or openSUSE 11.2 operating system dependencies, as shown in sections 3.3.2, then:

1. Install Eucalyptus dependency RPMs on all machines (i.e., install all RPMs on front-end machine and install all RPMs on node machine(s)). Note that you must remove any preexisting copies of these dependencies prior to installation. Multiple copies of a dependency will return an error message.

On CentOS 5.5: On openSUSE 11.2: [root@clc]#cd eucalyptus-deps* [root@clc]#rpm -Uvh * [root@node1]#cd eucalyptus-deps* [root@node1]#rpm -Uvh * [root@clc]#cd eucalyptus-deps* [root@clc]#rpm -Uvh * [root@node1]#cd eucalyptus-deps* [root@node1]#rpm -Uvh *

[root@node1]# /etc/init.d/eucalyptus-nc stop

[root@clc]#/etc/init.d/eucalyptus-cc stop [root@clc]#/etc/init.d/eucalyptus-cloud stop

(37)

2. Install Eucalyptus components. Note that you must install the upgrade components on the same machine as the existing component. In the “single cluster” example, this means all components (except NC) are installed on the front-end machine, while NC is installed on the node machine(s). For both CentOS 5.5 and openSUSE 11.2:

On the front-end machine:

On the node machine(s):

3. Perform the upgrade process as follows:

First, note the name of all backup directories ($BACKUPDIR) printed out when performing the RPM upgrade. Then enter the following on all machines:

On the front-end machine (machine running the CLC), enter:

4. Install the Eucalyptus EE license file you received along with the Eucalyptus EE software. Please install this file in the following directory: /etc/eucalyptus/

[root@clc]# rpm -Uvh eucalyptus-2.0.0eee-*.x86_64.rpm \ eucalyptus-common-java-2.0.0eee-*.x86_64.rpm \ eucalyptus-cloud-2.0.0eee-*.x86_64.rpm \ eucalyptus-walrus-2.0.0eee-*.x86_64.rpm \ eucalyptus-sc-2.0.0eee-*.x86_64.rpm \ eucalyptus-cc-2.0.0eee-*.x86_64.rpm \ eucalyptus-gl-2.0.0eee-*.x86_64.rpm

# include the following RPM for Vmware support only eucalyptus-broker-2.0.0eee-*.x86_64.rpm

[root@node1]# rpm -Uvh eucalyptus-2.0.0eee-0.1436.x86_64.rpm \ eucalyptus-nc-2.0.0eee-*.x86_64.rpm \

eucalyptus-gl-2.0.0eee-*.x86_64.rpm

/usr/share/eucalyptus/euca_upgrade --old $BACKUPDIR --new / \ --conf --keys >/dev/null 2>&1

[root@clc]# export JAVA_HOME=/opt/packages/jdk [root@clc]# export PATH=$JAVA_HOME/bin:$PATH

[root@clc]# /usr/share/eucalyptus/euca_upgrade –old $BACKUPDIR \ --new / --db --product > /dev/null 2>&1

(38)

5. Start Eucalyptus services, as shown:

Note that it is not necessary to reregister your cloud after starting your upgraded components.

3.5.1 Upgrading Volumes and Snapshots for EE 2.0 with SAN Support If you have upgraded from 1.6.2 to Eucalyptus EE with SAN support, after

performing the SAN setup (see Section 4.5: Configuring SAN support), you must also upgrade existing volumes and snapshots from 1.6.2 to EE, as shown:

First, create a volume to ensure your SAN setup is working correctly:

To confirm that the volume has been created, run euca-describe-volumes. Next, on the front end, for each registered storage controller, run the following command, where sc_ip is the IP address of the storage controller. Note that you can obtain a list of registered storage controllers (including IP address/hostnames) at euca_conf –list-scs.

For progress and status, observe the cloud output log at /var/log/eucalyptus/cloud-output.log

When upgrade is complete, you will see “Conversion Complete.”

Note that the storage controller will not be available for servicing user requests during the upgrade process. This is an administrator maintenance operation that must be performed before your cloud is made available to users.

[root@clc]# /etc/init.d/eucalyptus-cloud start [root@clc]# /etc/init.d/eucalyptus-cc start [root@node1]# /etc/init.d/eucalyptus-nc start

[root@clc]# euca-create-volume -z <clusterName> -s 1

(39)

3.6 Upgrading from Eucalyptus 2.0 EE to Eucalyptus 2.0.1 EE

Eucalyptus provides convenient RPM packages for upgrading from Eucalyptus version 2.0 to Eucalyptus 2.0.1 EE. Before you begin the upgrade process, stop all services on all components of Eucalyptus. Begin the stopping process on the nodes. Then stop the services on the front end, as shown:

Next, make sure you have downloaded and untarred the appropriate packages for CentOS 5.5 or openSUSE 11.2 as shown in sections 3.3.1 or 3.4.1, respectively, then 1. Install Eucalyptus components. Note that you must install the upgrade

components on the same machine as the existing component. In the “single cluster” example, this means all components (except NC) are installed on the front-end machine, while NC is installed on the node machine(s). For both CentOS 5.5 and openSUSE 11.2:

On the front-end machine:

On the node machine(s):

2. Perform the upgrade process as follows:

[root@clc]# rpm -Uvh eucalyptus-2.0.1eee-*.x86_64.rpm \ eucalyptus-common-java-2.0.1eee-*.x86_64.rpm \ eucalyptus-cloud-2.0.1eee-*.x86_64.rpm \ eucalyptus-walrus-2.0.1eee-*.x86_64.rpm \ eucalyptus-sc-2.0.1eee-*.x86_64.rpm \ eucalyptus-cc-2.0.1eee-*.x86_64.rpm \ eucalyptus-gl-2.0.1eee-*.x86_64.rpm

# include the following RPM for Vmware support only eucalyptus-broker-2.0.1eee-*.x86_64.rpm

[root@node1]# rpm -Uvh eucalyptus-2.0.1eee-*.x86_64.rpm \ eucalyptus-nc-2.0.1eee-*.x86_64.rpm \

eucalyptus-gl-2.0.1eee-*.x86_64.rpm [root@node1]# /etc/init.d/eucalyptus-nc stop

[root@clc]#/etc/init.d/eucalyptus-cc stop [root@clc]#/etc/init.d/eucalyptus-cloud stop

(40)

First, note the name of all backup directories ($BACKUPDIR) printed out when performing the RPM upgrade. Then enter the following on all machines:

3. Install the new Eucalyptus EE license file you received along with the

Eucalyptus EE 2.0.1 software. Please install this file in the following directory: /etc/eucalyptus/

4. Start Eucalyptus services, as shown:

Note that it is not necessary to reregister your cloud after starting your upgraded components.

/usr/share/eucalyptus/euca_upgrade --old $BACKUPDIR --new / \ --conf >/dev/null 2>&1

[root@clc]# /etc/init.d/eucalyptus-cloud start [root@clc]# /etc/init.d/eucalyptus-cc start [root@node1]# /etc/init.d/eucalyptus-nc start

(41)

Section 4: Configuring Eucalyptus EE

This section shows you how to register and configure Eucalyptus EE once you have completed the software installation process as described in the previous section. We begin with instructions for registering Eucalyptus components and performing initial configuration. This is followed by more detailed instructions for configuring specific Eucalyptus EE features, including VMware support and SAN support. The first step is to register the Eucalyptus components so they can communicate with each other.

4.1 Registering Eucalyptus EE components

This section assumes that you have installed all Eucalyptus EE components and they are up and running. We also assume that your Eucalyptus setup consists of a “single cluster” (one front-end machine and one or more nodes).

First, you must register various front-end components. To do this, run the following commands on the front end:

Note: To use Eucalyptus EE with VMware support you must also register the VMware Broker component, as shown:

Finally, you need to register all nodes with the front end. To do so, run the following command on the front end:

[root@clc]# /usr/sbin/euca_conf \

--register-walrus <front-end IPAddress> [root@clc]# /usr/sbin/euca_conf --register-cluster \ <clusterName> <front-end IPAddress>

[root@clc]# /usr/sbin/euca_conf --register-sc \ <clusterName> <front-end IPAddress>

[root@clc]# /usr/sbin/euca_conf --register-nodes \ "<Node0-IPAddress> ... <NodeN-IPAddress>" [root@clc]# /usr/sbin/euca_conf \

--register-vmwarebroker <clusterName> \ <front-end IPAddress>

(42)

At this point, you have successfully registered Eucalyptus EE components and are ready to proceed with an initial configuration of Eucalyptus EE.

4.1.1 Adding and Removing Nodes

Once your Eucalyptus system is registered and thus connected and running, you can add additional nodes or delete nodes. To add a node, enter:

You will be prompted for a password to log into <nodeNameN>. This is needed to propagate the cryptographic keys.)

Similarly, to remove a node, enter:

4.2 Initial Configuration of Eucalyptus EE

Open your Web browser to the Eucalyptus interface at https://<front-endMachine>:8443

Since Eucalyptus uses a self-signed certificate, your browser is likely to prompt you to accept the certificate. It may take a few minutes after starting the Cloud

Controller for the URL to respond the first time you run Eucalyptus. You will be prompted for a user and password both of which are set to admin initially. Upon logging in the first time you will be asked to:

1. Change the admin password. 2. Set the admin's email address.

3. Confirm the IP of the Cloud Controller host.

After clicking 'Submit', the Configuration tab appears (Figure 4.1). If necessary, you can adjust cloud configuration parameters by inputting new values in the fields provided. Configurable parameters include settings for Cloud Host, DNS, Walrus, Clusters, and VMTypes. Note that to change IP addresses of either Walrus host or Cluster host, you must first deregister Walrus and Cluster; then reregister each with a new IP address using the euca_conf command (see Section 4.1: Registering Eucalyptus EE Components).

[root@clc]# /usr/sbin/euca_conf --register-nodes \ "<nodeName1> ... <nodeNameN>"

[root@clc]# /usr/sbin/euca_conf \

(43)

Figure 4.1 The Eucalyptus Configuration interface lets you adjust the configuration parameters for Cloud Host, DNS, Walrus, Clusters, and VM Types.

4.2.1 Reserving Space for the Image Cache in Walrus

Walrus reserves by default 30GB of space for an image cache. Thus, if the sum total size of all images to be cached in Eucalyptus exceeds 30 GB, you will want to

increase the “Space reserved for unbundling images” parameter (in the Walrus section of the Configuration interface) to a value larger than the sum total size of all the cached images. For example, you may have a total of three images: two 10GB images and one 30 GB image. In order to ensure that all three images are cached and read to run in Eucalyptus, you will need to set the “Space reserved for unbundling images” in Walrus to 50 GB or larger.

4.3 Configuring Windows VM Support

There are no special configuration requirements for Eucalyptus EE with Windows support beyond the registration and initial configuration steps.

For information on preparing (bundling/uploading/registering) Windows images and running Windows instances in Eucalyptus EE, see the Eucalyptus EE User Guide. For information on creating Windows images to run in Eucalyptus, see Appendix A: Creating Windows Images for Eucalyptus.

(44)

4.4 Configuring VMware Support

Configuring Eucalyptus EE with VMware Support involves a few special steps that enable the Eucalyptus VMware Broker component to properly interact with vSphere infrastructure components. In all cases the VMware Broker must be

installed on the same machine as the Eucalyptus Cluster Controller (CC). (Note that this documentation focuses on a “single cluster” Eucalyptus setup where all

components except node controller (NC) are installed on the front end. In more advanced Eucalyptus setups, the CC and VMware Broker may be installed on a machine other than the front end.)

Initial Configuration:

• On the front end, enter the following euca_conf command:

The output of the above command prompts you for the same parameters that the vSphere client application requests at startup. (Note that lines starting with “log4j:ERROR” can be ignored). Input the requested parameters, making sure to specify the full URL and not just the hostname. For example:

The endpoint can be either vCenter or ESX/ESXi node. (We recommend using vCenter as it is easier to configure and can be more efficient.)

If euca_conf has successfully connected to the endpoint, then a list of discovered hosts appears as shown in the following example:

[root@clc]# euca_conf --configure-vmware

Please, supply vSphere endpoint URL: https://192.168.7.70/sdk Please, supply vSphere username: Administrator

Please, supply vSphere password: ****

[root@clc]# euca_conf –check vmware Discovered hosts: 192.168.7.207 login=Administrator datastoreName=datastore1 (4) uploadViaHost=null 192.168.7.213 login=Administrator datastoreName=datastore1 (3) uploadViaHost=null 192.168.7.198 login=Administrator datastoreName=datastore1 (5) uploadViaHost=null [root@clc]#

(45)

4.4.1 Testing VMware Broker Configuration

Running euca_conf --configure vmware generates an XML-based configuration file (named vmware_conf.xml), which directs the interaction of the VMware Broker with vSphere infrastructure components. If the VMware Broker does not find this file or is unable to parse it, the Broker will not become active and no vSphere resources will be available through Eucalyptus. You can check if the VMware Broker is reading vmware_conf.xml and connecting to the VMware endpoints using the euca_conf --check vmware command, as shown in the following section.

To test Vmware Broker configuration:

• Enter euca_conf --check vmware. The following example shows an error message indicating that VMware Broker is unable to contact the VMware endpoint:

To find the source of the above error, try scanning the contents of the cloud-output.log file at /var/log/eucalyptus/cloud-output.log. You may also want to examine (and if necessary edit) the contents of

vmware_conf.xml to verify that the XML markup is structured properly and that parameters are specified correctly. For example, you may wish to specify the name of a vSphere datastore for the VMware Broker to use. (VMware Broker will choose the first datastore available to it by default). Or you may wish to specify the name of a vSphere network to use (again the Broker will select the first network available to it by default). For more information on configuring vmware_conf.xml, see Section 4.4.2 Advanced Configuration of VMware Broker.). When the VMware Broker is connected to the vSphere endpoints, euca_conf --check vmware will return a list of discovered hosts as shown in the preceding section. Note that after making changes to the vmware_conf.xml file you must restart the Cloud Controller as shown:

[root@clc]# euca_conf --check vmware Network mode: SYSTEM

ERROR: no vmware endpoints could be contacted (check url, login, and password)

[root@clc]#